This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "Template:Main Left Panel"
Hblankenship (talk | contribs) |
Hblankenship (talk | contribs) |
||
| Line 27: | Line 27: | ||
<div>Automatically finds security vulnerabilities in your web applications while you are developing and testing your applications</div> | <div>Automatically finds security vulnerabilities in your web applications while you are developing and testing your applications</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>[[OWASP_Web_Testing_Environment_Project|OWASP Web Testing Environment (WTE)]]</div> | <div>[[OWASP_Web_Testing_Environment_Project|OWASP Web Testing Environment (WTE)]]</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>A collection of easy-to-use application security tools and documentation available in multiple formats</div> | <div>A collection of easy-to-use application security tools and documentation available in multiple formats</div> | ||
</div> | </div> | ||
| Line 39: | Line 39: | ||
<div>Pentesting tool to more efficiently find, verify and combine vulnerabilities in short timeframes</div> | <div>Pentesting tool to more efficiently find, verify and combine vulnerabilities in short timeframes</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>[[OWASP_Dependency_Check|OWASP Dependency Check]]</div> | <div>[[OWASP_Dependency_Check|OWASP Dependency Check]]</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>A utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities</div> | <div>A utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities</div> | ||
</div> | </div> | ||
| Line 51: | Line 51: | ||
<div>A web and mobile application security training platform to foster and improve security awareness among a varied skill-set demographic</div> | <div>A web and mobile application security training platform to foster and improve security awareness among a varied skill-set demographic</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>[[OWASP_DefectDojo_Project|OWASP DefectDojo]]</div> | <div>[[OWASP_DefectDojo_Project|OWASP DefectDojo]]</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>An open source vulnerability management tool that streamlines the testing process by offering templating, report generation, metrics, and baseline self-service tools</div> | <div>An open source vulnerability management tool that streamlines the testing process by offering templating, report generation, metrics, and baseline self-service tools</div> | ||
</div> | </div> | ||
| Line 72: | Line 72: | ||
<div>A set of generic attack detection rules for use with ModSecurity or compatible web application firewalls which aims to protect web applications from a wide range of attacks</div> | <div>A set of generic attack detection rules for use with ModSecurity or compatible web application firewalls which aims to protect web applications from a wide range of attacks</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>[[OWASP_CSRFGuard_Project|OWASP CSRFGuard]]</div> | <div>[[OWASP_CSRFGuard_Project|OWASP CSRFGuard]]</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>A library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks</div> | <div>A library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks</div> | ||
</div> | </div> | ||
| Line 87: | Line 87: | ||
<div>Provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development</div> | <div>Provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>[[OWASP_AppSensor_Project|OWASP AppSensor]]</div> | <div>[[OWASP_AppSensor_Project|OWASP AppSensor]]</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>A conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into applications</div> | <div>A conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into applications</div> | ||
</div> | </div> | ||
| Line 99: | Line 99: | ||
<div>An open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization</div> | <div>An open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>[[OWASP_Top_Ten_Project|OWASP Top Ten]]</div> | <div>[[OWASP_Top_Ten_Project|OWASP Top Ten]]</div> | ||
</div> | </div> | ||
| − | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;"> | + | <div style="width:50%;text-align:left;padding:0px;margin:0px;float:left;background:lightgray;"> |
<div>A powerful awareness document for web application security that represents a broad consensus about the most critical security risks to web applications</div> | <div>A powerful awareness document for web application security that represents a broad consensus about the most critical security risks to web applications</div> | ||
</div> | </div> | ||
Revision as of 21:28, 26 August 2018
| |
|---|
| Every vibrant technology marketplace needs an unbiased source of information on best practices as well as an active body advocating open standards. In the Application Security space, one of those groups is the Open Web Application Security Project™ (or OWASP for short).
The Open Web Application Security Project (OWASP) is a 501(c)(3) worldwide not-for-profit charitable organization focused on improving the security of software. Our mission is to make software security visible, so that individuals and organizations are able to make informed decisions. OWASP is in a unique position to provide impartial, practical information about AppSec to individuals, corporations, universities, government agencies, and other organizations worldwide. Operating as a community of like-minded professionals, OWASP issues software tools and knowledge-based documentation on application security. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. You'll find everything about OWASP here on or linked from our wiki and current information on our OWASP Blog. OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. We ask that the community look out for inappropriate uses of the OWASP brand including use of our name, logos, project names, and other trademark issues. There are thousands of active wiki users around the globe who review the changes to the site to help ensure quality. If you're new, you may want to check out our getting started page. As a global group of volunteers with over 45,000 participants, questions or comments should be sent to one of our many mailing lists focused on a topic or directed to the staff using the OWASP Contact Us Form. |
| |
Flagship ProjectsTool Projects
Automatically finds security vulnerabilities in your web applications while you are developing and testing your applications
A collection of easy-to-use application security tools and documentation available in multiple formats
Pentesting tool to more efficiently find, verify and combine vulnerabilities in short timeframes
A utility that identifies project dependencies and checks if there are any known, publicly disclosed, vulnerabilities
A web and mobile application security training platform to foster and improve security awareness among a varied skill-set demographic
An open source vulnerability management tool that streamlines the testing process by offering templating, report generation, metrics, and baseline self-service tools
An intentionally insecure webapp for security trainings written entirely in JavaScript which encompasses the entire OWASP Top Ten and other severe security flaws
Code Projects
A set of generic attack detection rules for use with ModSecurity or compatible web application firewalls which aims to protect web applications from a wide range of attacks
A library that implements a variant of the synchronizer token pattern to mitigate the risk of Cross-Site Request Forgery (CSRF) attacks
Documentation Projects
Provides a basis for testing web application technical security controls and also provides developers with a list of requirements for secure development
A conceptual framework and methodology that offers prescriptive guidance to implement intrusion detection and automated response into applications
An open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization
A powerful awareness document for web application security that represents a broad consensus about the most critical security risks to web applications
Includes a "best practice" penetration testing framework which users can implement in their own organizations and a "low level" penetration testing guide that describes techniques for testing most common web application and web service security issues
|
| |
Are You Ready?Join OWASP and top industry leaders as we share the next cutting edge technological advancements in software security at our upcoming premier gathering in the US:
October 8th to 12th
Fairmont San Jose
San Jose, CA
Call for Training/Papers Closed
|
| |
Google Summer of CodeThank you to our mentors! We had 100% participation in final evaluations of the students.
#GSOC #OpenSource |
| |
 Thank you to our our corporate supporters that enable us to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. A complete list of our current corporate and academic supporters can be found on our Acknowledgements Page
|
| |
Hundreds of Hours of AppSec Videos |
| |
